/** * Checks to see if the UNIX user ID is at the console. * Should always fail on Windows (set the error to * #DBUS_ERROR_NOT_SUPPORTED). * * @param uid UID of person to check * @param error return location for errors * @returns #TRUE if the UID is the same as the console user and there are no errors */ dbus_bool_t _dbus_unix_user_is_at_console (dbus_uid_t uid, DBusError *error) { return _dbus_is_console_user (uid, error); }
/** * Unit test for dbus-userdb.c. * * @returns #TRUE on success. */ dbus_bool_t _dbus_userdb_test (const char *test_data_dir) { const DBusString *username; const DBusString *homedir; dbus_uid_t uid; unsigned long *group_ids; int n_group_ids, i; DBusError error; if (!_dbus_username_from_current_process (&username)) _dbus_assert_not_reached ("didn't get username"); if (!_dbus_homedir_from_current_process (&homedir)) _dbus_assert_not_reached ("didn't get homedir"); if (!_dbus_get_user_id (username, &uid)) _dbus_assert_not_reached ("didn't get uid"); if (!_dbus_groups_from_uid (uid, &group_ids, &n_group_ids)) _dbus_assert_not_reached ("didn't get groups"); printf (" Current user: %s homedir: %s gids:", _dbus_string_get_const_data (username), _dbus_string_get_const_data (homedir)); for (i=0; i<n_group_ids; i++) printf(" %ld", group_ids[i]); printf ("\n"); dbus_error_init (&error); printf ("Is Console user: %i\n", _dbus_is_console_user (uid, &error)); printf ("Invocation was OK: %s\n", error.message ? error.message : "yes"); dbus_error_free (&error); printf ("Is Console user 4711: %i\n", _dbus_is_console_user (4711, &error)); printf ("Invocation was OK: %s\n", error.message ? error.message : "yes"); dbus_error_free (&error); dbus_free (group_ids); return TRUE; }
BusClientPolicy* bus_policy_create_client_policy (BusPolicy *policy, DBusConnection *connection, DBusError *error) { BusClientPolicy *client; dbus_uid_t uid; dbus_bool_t at_console; _dbus_assert (dbus_connection_get_is_authenticated (connection)); _DBUS_ASSERT_ERROR_IS_CLEAR (error); client = bus_client_policy_new (); if (client == NULL) goto nomem; if (!add_list_to_client (&policy->default_rules, client)) goto nomem; /* we avoid the overhead of looking up user's groups * if we don't have any group rules anyway */ if (_dbus_hash_table_get_n_entries (policy->rules_by_gid) > 0) { unsigned long *groups; int n_groups; int i; if (!bus_connection_get_groups (connection, &groups, &n_groups, error)) goto failed; i = 0; while (i < n_groups) { DBusList **list; list = _dbus_hash_table_lookup_ulong (policy->rules_by_gid, groups[i]); if (list != NULL) { if (!add_list_to_client (list, client)) { dbus_free (groups); goto nomem; } } ++i; } dbus_free (groups); } if (!dbus_connection_get_unix_user (connection, &uid)) { dbus_set_error (error, DBUS_ERROR_FAILED, "No user ID known for connection, cannot determine security policy\n"); goto failed; } if (_dbus_hash_table_get_n_entries (policy->rules_by_uid) > 0) { DBusList **list; list = _dbus_hash_table_lookup_ulong (policy->rules_by_uid, uid); if (list != NULL) { if (!add_list_to_client (list, client)) goto nomem; } } /* Add console rules */ at_console = _dbus_is_console_user (uid, error); if (at_console) { if (!add_list_to_client (&policy->at_console_true_rules, client)) goto nomem; } else if (dbus_error_is_set (error) == TRUE) { goto failed; } else if (!add_list_to_client (&policy->at_console_false_rules, client)) { goto nomem; } if (!add_list_to_client (&policy->mandatory_rules, client)) goto nomem; bus_client_policy_optimize (client); return client; nomem: BUS_SET_OOM (error); failed: _DBUS_ASSERT_ERROR_IS_SET (error); if (client) bus_client_policy_unref (client); return NULL; }